feat: add jwt expire check

1. Check jwt expire by the time_expired value in the cookie, if current time is bigger than the time_expired value, the request's header will not has the X-Auth-Token, then the skyline-api will return 401. 2. update cypress command to use time_expired cookie Change-Id: I4a33649d3dbf630e36bcdee71462b4796e17f714
2023-06-14 16:27:38 +08:00 · 2023-06-14 16:27:38 +08:00 · d07227822f
commit d07227822f
parent 4496eb4f05
4 changed files with 24 additions and 4 deletions
--- a/releasenotes/notes/Add-JWT-Expire-Check-c4dce4d269782a8c.yaml
+++ b/releasenotes/notes/Add-JWT-Expire-Check-c4dce4d269782a8c.yaml
@ -0,0 +1,4 @@
+---
+features:
+  - |
+    Check the JWT expire by the `time_expired` in the cookie for each request.
--- a/src/client/client/request.js
+++ b/src/client/client/request.js
@ -17,6 +17,8 @@ import { getLocalStorageItem } from 'utils/local-storage';
 import { isEmpty } from 'lodash';
 import qs from 'qs';
 import { v4 as uuidv4 } from 'uuid';
+import moment from 'moment';
+import cookie from 'utils/cookie';

 const METHODS = ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'COPY'];
 /**
@ -53,7 +55,13 @@ export class HttpRequest {

  addToken(config) {
    const keystoneToken = getLocalStorageItem('keystone_token') || '';
-    if (keystoneToken) {
+    const timeExpiredStr = cookie('time_expired');
+    let tokenIsValid = false;
+    if (timeExpiredStr) {
+      const now = moment().valueOf();
+      tokenIsValid = now < timeExpiredStr * 1000;
+    }
+    if (keystoneToken && tokenIsValid) {
      config.headers['X-Auth-Token'] = keystoneToken;
    }
  }
--- a/test/e2e/support/commands.js
+++ b/test/e2e/support/commands.js
@ -37,6 +37,7 @@ Cypress.Commands.add(
  (visitUrl = '', switchToAdmin = false, isAdmin = false) => {
    cy.setLanguage();
    const switchProject = switchToAdmin;
+    cy.setCookie('time_expired', Cypress.config('timeExpired') || '');
    if (isAdmin) {
      if (Cypress.config('adminToken')) {
        cy.setCookie('session', Cypress.config('adminSession'));
@ -74,12 +75,17 @@ Cypress.Commands.add(
      method: 'POST',
    }).then((res) => {
      const { body: resBody, headers } = res;
-      const [sk] = headers['set-cookie'];
+      const [sessionCookie, ...rest] = headers['set-cookie'];
+      const timeCookie = rest[rest.length - 1];
+      const getCookieValue = (sk) => sk.split(';')[0].split('=');
      // eslint-disable-next-line no-unused-vars
-      const [_, session] = sk.split(';')[0].split('=');
+      const session = getCookieValue(sessionCookie)[1];
+      const timeExpired = getCookieValue(timeCookie)[1] || '';
      const { keystone_token } = resBody || {};
      cy.setCookie('session', session);
      cy.setCookie('X-Auth-Token', keystone_token);
+      cy.setCookie('time_expired', timeExpired);
+      Cypress.config('timeExpired', timeExpired);
      if (isAdmin) {
        Cypress.config('adminToken', keystone_token);
        Cypress.config('adminSession', session);
@ -103,8 +109,10 @@ Cypress.Commands.add(
 Cypress.Commands.add('clearToken', () => {
  cy.setCookie('session', '');
  cy.setCookie('X-Auth-Token', '');
+  cy.setCookie('time_expired', '');
  Cypress.config('token', null);
  Cypress.config('adminToken', null);
+  Cypress.config('timeExpired', null);
 });

 Cypress.Commands.add('loginAdmin', (visitUrl = '', switchToAdmin = false) => {
--- a/test/e2e/support/index.js
+++ b/test/e2e/support/index.js
@ -39,7 +39,7 @@ import 'cypress-file-upload';
 require('cypress-downloadfile/lib/downloadFileCommand');

 Cypress.Cookies.defaults({
-  preserve: ['session', 'X-Auth-Token', 'shouldSkip'],
+  preserve: ['session', 'X-Auth-Token', 'shouldSkip', 'time_expired'],
 });

 Cypress.on(